Microsoft has issued takedown notices to multiple websites hosting the company …

Share this story

Microsoft has been issuing takedown notices for publicly hosting its leaked Computer Online Forensic Evidence Extractor (COFEE) tool. The company sent off "Demand for Immediate Take-Down: Notice of Infringing Activity" to companies hosting websites that offered the tool. The e-mails all start with the following standard statement: "Microsoft has received information that the domain listed above, which appears to be on servers under your control, is offering unlicensed copies of, or is engaged in other unauthorized activities relating to copyrighted works published by Microsoft."

One of the websites that received legal threats from Redmond is Cryptome.org, a great repository for information about freedom of speech, cryptography, spying, and surveillance. According to e-mail correspondences posted on Cryptome, Microsoft contacted Network Solutions, which hosts Cryptome, and since John Young, the owner of the website, wasn't too keen on losing his whole website for the sake of a single 15MB file, he removed the download link and sent Network Solutions a notice of compliance.

Every single Microsoft application that leaks out to the Web is available on BitTorrent networks and various underground corners of the Internet, and Microsoft can't really take care of all of them, though this move is consistent with the company's promise to pursue unauthorized distribution of its code. Of course, a few takedown notices will do little against those who really want to get their hands on the tool, though it will make it a tad harder to get at for those who are not very tech-savvy.

Microsoft first revealed the tool back in April 2008, and in April 2009, the company announced that it will aid global law enforcement in fighting cybercrime by providing its COFEE tool free of charge to International Criminal Police Organization's (Interpol) Global Security Initiative (GSI), a project that addresses international security challenges, and the participating 187 countries. Microsoft managed to keep the lid tightly sealed until earlier this month, when pirates decided it was time to leak the tool to the Web and let more than just government crime-fighters use it.

The COFEE application uses common digital forensics tools to help law enforcement officials at the scene of a crime gather volatile evidence of live computer activity that would otherwise be lost in a traditional offline forensic analysis. In other words, it lets officers grab data from password-protected or encrypted sources. The forensics tool works best with Windows XP but Microsoft is working on a new version of COFEE for next year that fully supports Windows Vista and Windows 7.